Service playbooks
Delivery structure, pricing envelope, resource loading and recurring hooks per service line.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Penetration Testing
- ▸Purpose and scope: Application, API, cloud, external/internal infrastructure, mobile and secure code testing with
- ▸reproducible findings.
- ▸Pricing basis: €8k-€45k EU / $15k-$90k US per engagement.
- ▸Delivery model: Lead pentester, appsec/cloud specialist, QA reviewer, report automation.
- ▸Recurring opportunity: Entry product; should attach Portal, retesting subscription, threat intel and annual
- ▸program.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Red Teaming
- ▸Purpose and scope: Goal-based adversary simulation, assumed breach, social, cloud, identity, lateral movement
- ▸and executive debriefs.
- ▸Pricing basis: €45k-€180k EU / $90k-$400k US.
- ▸Delivery model: Red team lead, operator team, detection engineer, project security officer.
- ▸Recurring opportunity: Premium brand builder; converts to purple team, detection engineering, identity
- ▸remediation and retainers.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Purple Team & Detection Engineering
- ▸Purpose and scope: Collaborative offensive/defensive exercises, detection gap analysis, SIEM/EDR tuning, ATT&CK
- ▸mapping. Pricing basis: €25k-€150k EU / $50k-$250k US.
- ▸Delivery model: Red/blue team pair, detection engineer, SOC analyst, reporting lead.
- ▸Recurring opportunity: Strong recurring potential through quarterly exercises and managed detection content.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸AI Security & Agentic AI Pentesting
- ▸Purpose and scope: AI application review, prompt injection testing, model/data exposure, agent tool abuse,
- ▸governance, red teaming of LLM apps.
- ▸Pricing basis: €25k-€120k EU / $50k-$300k US.
- ▸Delivery model: AI security lead, appsec specialist, threat modeller, policy/governance advisor. Recurring
- ▸opportunity: Strategic differentiator; should connect to Injexion AI and Shield/Portal telemetry.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Cloud Security
- ▸Purpose and scope: AWS/Azure/GCP reviews, cloud identity, IaC, Kubernetes, container security, cloud attack
- ▸path analysis. Pricing basis: €25k-€200k EU / $50k-$350k US.
- ▸Delivery model: Cloud security architect, pentester, DevSecOps engineer.
- ▸Recurring opportunity: Recurring through cloud posture reviews, CNAPP integrations and remediation sprints.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Incident Response & Digital Forensics
- ▸Purpose and scope: IR retainers, breach response, forensics, containment, recovery, board reporting and lessons
- ▸learned. Pricing basis: Retainers $5k-$50k MRR; incidents $50k-$500k+.
- ▸Delivery model: IR lead, forensic analyst, malware analyst, legal liaison, comms support. Recurring opportunity:
- ▸High-trust recurring; cross-sells hardening, identity and monitoring.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Threat Intelligence
- ▸Purpose and scope: CVE analysis, sector threat briefings, adversary tracking, OSINT, IOC feeds, exploit intelligence
- ▸and executive briefings.
- ▸Pricing basis: $2k-$50k MRR depending on depth/API.
- ▸Delivery model: Threat intel analyst, reverse engineer, data engineer, editor, automation. Recurring opportunity:
- ▸Direct link to Threat Intel Center and premium API revenue.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸vCISO / Security Program Office
- ▸Purpose and scope: Fractional leadership, board reporting, roadmap, risk register, policy, vendor management,
- ▸compliance coordination.
- ▸Pricing basis: €3k-€15k EU MRR / $7k-$30k US MRR.
- ▸Delivery model: Senior advisor, GRC analyst, technical SME pool.
- ▸Recurring opportunity: Sticky recurring; opens cross-sell into IAM, cloud, testing and portal dashboarding.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸DevSecOps & Secure Development
- ▸Purpose and scope: SDLC hardening, code review, pipeline security, SAST/DAST integration, developer
- ▸enablement. Pricing basis: €20k-€180k EU / $40k-$300k US.
- ▸Delivery model: DevSecOps engineer, appsec consultant, cloud engineer.
- ▸Recurring opportunity: Creates product-friendly automation and tooling opportunities.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸OT / Industrial Security
- ▸Purpose and scope: Manufacturing/critical infrastructure assessment, segmentation, asset discovery, OT incident
- ▸readiness. Pricing basis: €40k-€250k EU / $90k-$500k US.
- ▸Delivery model: OT security lead, network engineer, safety-aware assessor.
- ▸Recurring opportunity: High value but specialist-heavy; prioritize DACH, Belgium, Netherlands and US
- ▸manufacturing.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
APPENDIX B - SERVICE PLAYBOOKS
- ▸Compliance & Assurance
- ▸Purpose and scope: NIS2, DORA, ISO 27001, SOC2, CMMC, PCI DSS, HIPAA-aligned readiness. Pricing basis: €15k-
- ▸€150k EU / $30k-$250k US.
- ▸Delivery model: GRC consultant, technical security SME, auditor liaison.
- ▸Recurring opportunity: Compliance should be used to sell real technical improvement, not paperwork only.
- ▸DIMENSION PLAYBOOK
Buyer CISO, CIO, CTO, Head of Infrastructure, Head of Identity, Risk/Compliance Lead, Product Security Lead.
Trigger Audit finding, breach, board concern, cloud migration, M&A, product launch, regulatory events pressure, AI rollout.
Deliverab Executive summary, technical evidence, ranked findings, remediation roadmap, retest criteria, les Portal dashboard, board-ready risk narrative.
Margin Standard scopes, AI-assisted reporting, reusable templates, evidence automation, experienced levers QA and clear change-control.
KPI Revenue, gross margin, utilization, report cycle time, critical finding rate, retest conversion, annual program conversion.
C APP
Financial model detail INJEXION — GLOBAL STRATEGY 2027–2032
C FINANCIAL MODEL DETAIL
CONSOLIDATED P&L TARGET MODEL
MRR AND ARR TARGET MODEL
KEY ASSUMPTIONS
- ▸Currency: model presented in USD for consolidation; European pricing can be denominated in EUR and
- ▸converted in management reporting.
- ▸Utilization target: 62-68% in 2027 while building assets; 70-78% from 2029 as delivery processes mature.
- ▸Pricing: US enterprise rates are materially higher than EU and APAC averages; LATAM and parts of
- ▸Southern/Eastern Europe use partner-led pricing.
- ▸Gross margin: improves from 57% to 71% as platform/IP and recurring revenue grow.
- ▸Sales cost: front-loaded in the US; channel costs replace some direct country payroll outside core hubs.
- ▸No audited starting financials were available; all figures are top-down targets to be validated against actual
- ▸pipeline and capacity.
- ▸EBITDA
- ▸YEAR REVENUE GROSS PROFIT GM OPERATING EXPENSE EBITDA
- ▸MARGIN
2027 $3.2M $1.8M 57% $2.9M $-1.1M -35%
2028 $10.3M $6.2M 60% $7.2M $-1.0M -10%
2029 $23.3M $14.9M 64% $13.5M $1.4M 6%
2030 $45.7M $30.6M 67% $24.2M $6.4M 14%
2031 $73.5M $50.7M 69% $36.0M $14.7M 20%
2032 $107.3M $76.2M 71% $49.4M $26.8M 25%
SAAS/IP
YEAR ARR-LIKE REVENUE EXIT MRR EQUIVALENT RECURRING SHARE SHARE
2027 $0.7M $0.06M 22% 10%
2028 $3.5M $0.29M 34% 16%
2029 $10.5M $0.87M 45% 22%
2030 $25.6M $2.13M 56% 29%
2031 $47.0M $3.92M 64% 35%
2032 $75.1M $6.26M 70% 40%
D APP
- ▸Source notes and
- ▸external references
- ▸INJEXION — GLOBAL STRATEGY 2027–2032
D SOURCE NOTES AND EXTERNAL REFERENCES
End of document.